Practical Attack on All Parameters of the DME Signature Scheme

Pierre Briaud; Maxime Bros; Ray Perlner; Daniel Smith-Tone

Paper 2024/333

Practical Attack on All Parameters of the DME Signature Scheme

Pierre Briaud, Inria Paris, Sorbonne Université

Maxime Bros

, National Institute of Standards and Technology (NIST)

Ray Perlner

, National Institute of Standards and Technology (NIST)

Daniel Smith-Tone

, National Institute of Standards and Technology (NIST), University of Louisville

Abstract

DME is a multivariate scheme submitted to the call for additional signatures recently launched by NIST. Its performance is one of the best among all the candidates. The public key is constructed from the alternation of very structured linear and non-linear components that constitute the private key, the latter being defined over an extension field. We exploit these structures by proposing an algebraic attack which is practical on all DME parameters.

Metadata

Available format(s): PDF
Category: Attacks and cryptanalysis
Publication info: Published elsewhere. EUROCRYPT 2024
Keywords: Public Key Cryptography Multivariate Cryptography NIST Candidates Algebraic Cryptanalysis
Contact author(s): pierre @ simula no
maxime bros @ nist gov
ray perlner @ nist gov
daniel smith @ nist gov
History: 2024-02-27: approved; 2024-02-26: received; See all versions
Short URL: https://ia.cr/2024/333
License: CC BY

BibTeX

@misc{cryptoeprint:2024/333,
      author = {Pierre Briaud and Maxime Bros and Ray Perlner and Daniel Smith-Tone},
      title = {Practical Attack on All Parameters of the {DME} Signature Scheme},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/333},
      year = {2024},
      url = {https://eprint.iacr.org/2024/333}
}